close

Privacy laws and the cloud: collision path?

Newsletter

Zecurion Insight: Security lessons from the credit card industry.

Dear Colleague,

It's the biggest shift in enterprise computing in more than a decade...

"The cloud" -- while a popular topic for news stories -- raises a host of new security concerns for IT leaders.

Not surprisingly, technology and digital data are evolving faster than laws can adapt. Copyright and privacy laws, and even the Constitution, are being challenged because they don't make sense when applied to electronic media and Internet communications.

Last year, a federal judge ruled that the Fourth Amendment's protection against unreasonable searches and seizures does not apply to e-mail. He tied his decision to Google's Gmail privacy policy which states that users have no expectation of privacy.

A paper in the June 2009 edition of the Minnesota Law Review offered a detailed and insightful analysis of the issues faced when applying the Fourth Amendment to the Internet.

In "Defogging the Cloud: Applying Fourth Amendment Principles to Evolving Privacy Expectations in Cloud Computing," Minnesota Law School student David A. Couillard writes:

Hypothetically, if a briefcase is locked with a combination lock, the government could attempt to guess the combination until the briefcase unlocked; but because the briefcase is opaque, there is still a reasonable expectation of privacy in the unlocked container. In the context of virtual containers in the cloud…encryption is not simply a virtual lock and key; it is virtual opacity.

Couillard suggests a legal framework that applies Fourth Amendment rights by treating data stored with third-party providers the same as personal possessions kept in a storage unit or in a bank safe deposit box.

I tend to agree with the ideas and arguments presented in Couillard's paper. In the absence of a legal precedent, "cloud" data that is encrypted can serve as a reasonable expectation of privacy and Fourth Amendment protection.

Zecurion has issued new white paper that addresses cloud security. In:

"Protecting Data in the Cloud"

We discuss the pros and cons of cloud computing, discuss Couillard's paper, and show how to secure cloud data with Zecurion's Zserver Suite. Download your copy of this free white paper by clicking on the link above.

Be secure,

Lisbi Abraham    
Chief Technology Officer
Zecurion
304 Park Avenue South 11th Floor
New York, NY 10010
tel: (888) 220-3440
e-mail: labraham@zecurion.com

P.S. Feel free to contact me directly if you'd like my advice on how to safely store your data in the cloud.

Our business is security, so take it to heart that we
value privacy and hate spammers just as much as you do.

Read Zecurion's Privacy Policy